Commit f5869b72 authored by Mathis Dedial's avatar Mathis Dedial

Switch to nethz LDAP library

parent 1b6d13d2
Pipeline #2717 skipped with stage
from flask import Flask, g
from flask import Flask, g, session
from flask_login import LoginManager, UserMixin
from .models import db
from flask_simpleldap import LDAP
from nethz.ldap import AuthenticatedLdap
# Set up Flask app and load configuration
app = Flask(__name__)
......@@ -8,11 +9,30 @@ app.config.from_pyfile('./config.py')
app.secret_key = app.config['SECRET_KEY']
# Initialize LDAP auth
ldap = LDAP(app)
ldap_connector = AuthenticatedLdap(app.config['LDAP_USERNAME'],
app.config['LDAP_PASSWORD'])
# Initialize login manager
login_manager = LoginManager()
login_manager.init_app(app)
# Bind SQLAlchemy to Flask app
db.init_app(app)
class BurgerUser(UserMixin):
'''
Custom user model
'''
is_active = True
def __init__(self, nethz):
self.nethz = nethz
def get_id(self):
return self.nethz
@app.before_request
def set_ldap_test_user():
'''
......
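Review bot: No `@login_manager.user_loader` callback is registered in the visible part of this file, and Flask-Login needs one to turn the id stored in the session back into a user object on each request; without it, routes behind `@login_required` raise an exception instead of performing an auth check. If it is not defined in the elided part below `set_ldap_test_user`, add one next to `BurgerUser`, for example `@login_manager.user_loader` over `def load_user(nethz): return BurgerUser(nethz)`. Setting `login_manager.login_view = 'login'` would also send unauthenticated users to the login form rather than returning a bare 401. The body of `set_ldap_test_user` lies outside the visible lines; since this commit appears to drop `LDAP_TEST_USER` from the config, confirm that the hook no longer reads that key and does not assign a user without authentication.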
......@@ -13,7 +13,5 @@ SQLALCHEMY_DATABASE_URI = 'mysql+pymysql://{}:{}@{}/{}'.format(MYSQL_USERNAME, M
# Suppress deprecation warning
SQLALCHEMY_TRACK_MODIFICATIONS = False
LDAP_BASE_DN = 'OU=users,dc=example,dc=org'
LDAP_USERNAME = 'CN=user,OU=Users,DC=example,DC=org'
LDAP_PASSWORD = 'notarealpassword'
LDAP_TEST_USER = 'amivtestuser'
LDAP_USERNAME = 'amiv_ldap_username'
LDAP_PASSWORD = 'amiv_ldap_password'
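Review bot: `LDAP_USERNAME` and `LDAP_PASSWORD` are service-account bind credentials held as string literals in a tracked file; the values shown look like placeholders, but once real ones are filled in they end up in repository history and in every checkout. Reading them from the environment keeps the secret out of the tree, e.g. `LDAP_PASSWORD = os.environ['LDAP_PASSWORD']` (this needs `import os` if the file does not already have it). The same likely applies to `SECRET_KEY` and the MySQL credentials defined above this hunk, which are not visible here.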
'''
Contains all views
'''
from app import app, ldap
from app import app, ldap_connector, BurgerUser
from datetime import datetime
from flask import flash, g, redirect, render_template, request, session, url_for
from flask_login import login_user, login_required
from sqlalchemy.sql import text
from .mappings import BREAD, PATTY, TOPPINGS, SIDE
from .models import db, Burger, Vote
......@@ -32,7 +33,7 @@ def index():
@app.route('/vote', methods=['POST'])
@ldap.login_required
@login_required
def vote():
'''
Handles POST requests for voting
......@@ -79,20 +80,6 @@ def vote():
return redirect(url_for('index'))
@app.before_request
def load_user():
'''
Load user data before any request processing
'''
try:
if session['nethz']:
g.user = session['nethz']
return
except KeyError:
pass
g.user = None
@app.route('/login', methods=['GET', 'POST'])
def login():
'''
......@@ -103,11 +90,15 @@ def login():
if request.method == 'POST':
user = request.form['user']
passwd = request.form['passwd']
test = ldap.bind_user(user, passwd)
# Attempt to log in using LDAP
test = ldap_connector.authenticate(user, passwd)
if test is None or passwd == '':
flash('Invalid credentials', 'error')
else:
g.user = session['nethz'] = user
# Create instance of BurgerUser
burger_user = BurgerUser(user)
# Log in BurgerUser
login_user(burger_user)
return redirect(url_for('index'))
return render_template('login.html')
......@@ -124,7 +115,7 @@ def logout():
@app.route('/new', methods=['GET', 'POST'])
@ldap.login_required
@login_required
def create():
'''
Burger creator
......
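Review bot: In `login()`, the condition `if test is None or passwd == ''` rejects the login only when `authenticate` returns exactly `None`. The page does not show what `ldap_connector.authenticate` returns on bad credentials, and if it returns `False` or any other non-None value, every password is accepted and `login_user` runs. Testing truthiness and rejecting the empty password before the LDAP call is safer, since a directory may treat an empty password as an unauthenticated bind: `if not passwd or not ldap_connector.authenticate(user, passwd):`. The removed `load_user` hook was what populated `g.user`, so any view that still reads `g.user` (the bodies of `vote` and `create` are outside the hunks) should switch to `flask_login.current_user`.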